mcp: handle and pass upstream oauth2 tokens (#5595)

Denis Mishin 2025-05-01 12:42:31 -04:00 committed by GitHub
parent 561b6040b5
commit 9d66f762e1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
14 changed files with 337 additions and 80 deletions


@ -1,8 +1,7 @@
package evaluator
import (
"time"
"github.com/pomerium/pomerium/authorize/internal/store"
"github.com/pomerium/pomerium/config"
"github.com/pomerium/pomerium/internal/hashutil"
)
@ -19,7 +18,7 @@ type evaluatorConfig struct {
JWTClaimsHeaders config.JWTClaimHeaders
JWTGroupsFilter config.JWTGroupsFilter
DefaultJWTIssuerFormat config.JWTIssuerFormat
MCPAccessTokenProvider func(string, time.Time) (string, error) `hash:"-"`
MCPAccessTokenProvider store.MCPAccessTokenProvider `hash:"-"`
}
// cacheKey() returns a hash over the configuration, except for the policies.
@ -118,7 +117,7 @@ func WithDefaultJWTIssuerFormat(format config.JWTIssuerFormat) Option {
}
// WithMCPAccessTokenProvider sets the MCP access token in the config.
func WithMCPAccessTokenProvider(fn func(sessionID string, expires time.Time) (string, error)) Option {
func WithMCPAccessTokenProvider(fn store.MCPAccessTokenProvider) Option {
return func(cfg *evaluatorConfig) {
cfg.MCPAccessTokenProvider = fn
}